Information and Communication Company – €50,000 Fine (Croatia, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
An information communication company was fined €50,000 after a cyber attack exposed their weak security measures. They have since improved their security and cooperated with authorities. This incident serves as a warning for all businesses to strengthen their cybersecurity.
What happened
The information communication company suffered a cyber attack due to inadequate security measures.
Who was affected
Users of the company's services who were potentially affected by the data breach.
What the authority found
The Croatian DPA determined that the company did not have sufficient technical and organizational measures in place to protect personal data during the cyber attack.
Why this matters
This case highlights the critical need for businesses to implement robust cybersecurity measures to protect user data from breaches.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
Entities Involved
The Croatian DPA has imposed a fine of EUR 50,000 on an information communication company. The controller suffered a cyber attack due to insufficient technical and organisational measures to ensure information security. Following the incident, the company implemented these measures and cooperated adequately with the supervisory authority.
Related Enforcement Actions (0)
No other enforcement actions found for Information and Communication Company in HR
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
22 July 2025
Authority
Agencija za zaštitu osobnih podataka
Fine Amount
€50,000
Enforcement Tracker ID
ETid-3101
About this data
Cite as: Cookie Fines. Information and Communication Company - Croatia (2025). Retrieved from cookiefines.eu
Last updated: